Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
ibm spectrum protect vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-5020
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click ...
Ibm Spectrum Protect Plus
4.4
CVSSv3
CVE-2020-5021
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 does not invalidate session after a password reset which could allow a local user to impersonate another user on the system. IBM X-Force ID: 193657.
Ibm Spectrum Protect Plus
5.3
CVSSv3
CVE-2020-5022
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 may allow unauthenticated and unauthorized access to VDAP proxy which can result in an attacker obtaining information they are not authorized to access. IBM X-Force ID: 193658.
Ibm Spectrum Protect Plus
5.3
CVSSv3
CVE-2020-4771
IBM Spectrum Protect Operations Center 8.1.0.000 up to and including 8.1.10.and 7.1.0.000 up to and including 7.1.11 could allow a remote malicious user to obtain sensitive information, caused by improper authentication of a websocket endpoint. By using known tools to subscribe t...
Ibm Spectrum Protect Operations Center
5.9
CVSSv3
CVE-2020-4783
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information u...
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4854
IBM Spectrum Protect Plus 10.1.0 thorugh 10.1.6 contains hard-coded credentials, such as a password or cryptographic key, which it uses for its own inbound authentication, outbound communication to external components, or encryption of internal data. IBM X-Force ID: 190454.
Ibm Spectrum Protect Plus
8
CVSSv3
CVE-2020-4703
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 Administrative Console could allow an authenticated malicious user to upload arbitrary files which could be execute arbitrary code on the vulnerable server. This vulnerability is due to an incomplete fix for CVE-2020-447...
Ibm Spectrum Protect Plus
6.5
CVSSv3
CVE-2020-4711
IBM Spectrum Protect Plus 10.1.0 up to and including 10.1.6 could allow a remote malicious user to traverse directories on the system. An attacker could send a specially-crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM...
Ibm Spectrum Protect Plus
9.8
CVSSv3
CVE-2020-4693
IBM Spectrum Protect Operations Center 7.1.0.000 up to and including 7.1.10 and 8.1.0.000 up to and including 8.1.9 may allow an malicious user to execute arbitrary code on the system, caused by improper validation of data prior to export. IBM X-Force ID: 186782.
Ibm Spectrum Protect Operations Center
7.5
CVSSv3
CVE-2020-4559
IBM Spectrum Protect 7.1 and 8.1 could allow an malicious user to cause a denial of service due ti improper validation of user-supplied input. IBM X-Force ID: 183613.
Ibm Spectrum Protect
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »